* Rachel Hinton…
A “ransomware” group potentially linked to Russia has uploaded to a website scores of documents it says were stolen from Illinois Attorney General Kwame Raoul’s office over two weeks after the state’s top law enforcement officer first reported his office’s computer network was compromised.
Raoul had declined to publicly provide details of the hack, but on Thursday, he issued a follow-up statement, saying his office has set up a toll-free hotline for those seeking more information on the breach, which could include “names, addresses, email addresses, Social Security numbers, health insurance and medical information, tax information, and driver’s license numbers.” […]
The latest announcement comes after the ransomware group DoppelPaymer posted 68 documents it said are from the attorney general’s office, as well as other entities they’ve hit, on a website on which a user can find “private data of the companies which were hacked by DoppelPaymer.”
According to the website, the “companies decided to keep the leakage secret. And now their time to pay is over.”
This happened weeks ago and the AG’s office is only now finally telling the public about a ransomware attack? Before, all they would say was they were hacked.
* From the attorney general…
Attorney General Kwame Raoul today announced the Office of the Attorney General is notifying the public in accordance with state statute, of a ransomware attack that has compromised the office’s network. While the extent of the information compromised is currently under investigation, the Attorney General’s office is launching a toll-free hotline and providing additional information to the public via its website.
The Attorney General’s office, aided by law enforcement and external technology experts, continues to evaluate the full extent of the compromise, including identifying the information that was exposed and what was done with that information. At the same time, work is taking place around the clock to rebuild the office’s network. In the interim, the Attorney General’s office is launching a hotline that will go into operation at 8 a.m. Central time Friday. The Attorney General’s office is providing additional information to answer individuals’ questions and help them protect against identity theft.
“While we do not yet know with certainty what was compromised in the ransomware attack, we are working closely with federal law enforcement authorities and outside technology experts to determine what information was exposed, how this happened, and what we can do to ensure that such a compromise does not happen again,” Raoul said. “This process will take time, but I understand that members of the public may have questions now, which is why I am establishing a toll-free hotline and making information available online. I am committed to transparency throughout this very sensitive process and will continue to provide updates that do not jeopardize the progress of our ongoing investigation or the security of our network.”
What has since been identified as a ransomware attack was initially discovered in the early hours of Saturday, April 10 when employees were unable to access the office’s network. The office launched an immediate investigation and has maintained close contact with federal law enforcement and external technology experts to determine which network components have been compromised. The office has continued regular operations to the extent possible while efforts to rebuild the network are underway.
Illinois statute requires residents to be notified if their information may have been compromised by a data breach. Accordingly, a public notification and answers to frequently asked questions related to the network compromise are now available on the Attorney General’s website. The Attorney General’s office has not yet determined what personal information on its network is impacted. However, information from the public stored on the office’s network includes names, addresses, email addresses, Social Security numbers, health insurance and medical information, tax information, and driver’s license numbers. The Attorney General’s office routinely offers guidance to help residents protect themselves from identity theft, and today’s public notice details steps people can take to protect their identities.
Attorney General Raoul also announced a dedicated toll-free hotline staffed by Rust Consulting Inc., a company that specializes in legal notifications. Beginning Friday, individuals who have questions about the network compromise can call the Attorney General’s Computer Network Compromise Hotline at 1-833-688-1949, Monday through Friday between the hours of 8 a.m. and 5 p.m. Central time.
The Attorney General’s office continues to evaluate the extent of the network compromise by ransomware. Additional details about the compromise and the personal information impacted will be made available on the Attorney General’s website, to the extent possible, upon completion of the office’s internal investigation and its work with law enforcement and external technology experts.
That is some super-dense prose right there.